
Network Connections Empty


  • This topic is locked
3 replies to this topic

#1 leachim


Posted 02 February 2013 - 06:00 PM

Hello

I have a Vista desktop computer that won't connect to the net

Nothing is listed in Network Connections, although in Device Manager there is the driver listed OK for the Ethernet device

It has had infections cleared by Malwarebytes and combofix, but still won't connect

Done SFC /SCANNOW and run Tweaking.com various Utilities in their useful Windows Repair thingy

What scans do you want me to do?



Thanks

2 files attached....

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18639
Run by home at 22:51:57 on 2013-02-02
#Option MBR scan is disabled.
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2737658
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Presario&pf=desktop
uSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%s
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFre0.dll
mURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFre0.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: <No Name>: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFre0.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: FreeOnlineRadioPlayerRecorder Toolbar: {F999A48B-1950-4D81-9971-79018F807B4B} - c:\program files\freeonlineradioplayerrecorder\prxtbFre0.dll
TB: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFre0.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRunOnce: [Launcher] c:\windows\sminst\launcher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 192.168.1.254
Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2013-02-02 18:51:46 -------- d-----w- C:\Deckard
2013-02-02 18:35:24 -------- d-----w- c:\program files\Trend Micro
2013-02-02 10:10:18 -------- d-----w- c:\windows\system32\EventProviders
2013-02-02 10:02:35 1536 ----a-w- c:\windows\system32\wbem\WMIObjectsMigration.bin
2013-02-02 10:02:13 303616 ----a-w- C:\SetACL.exe
2013-02-02 09:50:19 -------- d-----w- C:\RegBackup
2013-02-02 08:42:58 -------- d-----w- c:\windows\pss
2013-02-01 19:28:21 -------- d-----w- c:\users\home\appdata\local\temp
2013-02-01 19:27:46 -------- d-sh--w- C:\$RECYCLE.BIN
2013-02-01 18:33:48 98816 ----a-w- c:\windows\sed.exe
2013-02-01 18:33:48 256000 ----a-w- c:\windows\PEV.exe
2013-02-01 18:33:48 208896 ----a-w- c:\windows\MBR.exe
2013-01-31 21:24:40 290304 ----a-w- C:\subinacl.exe
2013-01-31 20:30:19 -------- d-----w- c:\users\home\appdata\roaming\Malwarebytes
2013-01-31 20:30:11 -------- d-----w- c:\programdata\Malwarebytes
2013-01-31 20:30:10 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-31 20:30:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-31 20:21:36 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2013-01-25 18:25:11 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e4c67081-3d57-4f45-9381-976cf798316d}\mpengine.dll
2013-01-18 22:11:38 96664 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-01-18 22:11:38 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin7.dll
2013-01-18 22:11:38 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin6.dll
2013-01-18 22:11:38 157712 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2013-01-18 22:11:37 184248 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-01-18 22:11:37 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2013-01-18 22:11:37 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2013-01-18 22:11:37 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2013-01-18 22:11:37 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2013-01-18 22:11:37 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
.
==================== Find3M ====================
.
2010-06-13 19:10:00 2734688 ----a-w- c:\program files\tbFree.dll
.
============= FINISH: 22:52:21.38 ===============

Edited by hamluis, 02 February 2013 - 06:15 PM.
Moved from Vista to Malware Removal Logs - Hamluis.



#2 m0le

  • Malware Response Team

Posted 05 February 2013 - 08:26 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 leachim


Posted 06 February 2013 - 06:18 PM

Hi

It's been a while, but what I did was clear any infections

Then downloaded an ISO image of Vista with SP1 and did a repair reinstall

After a struggle with Windows PowerShell and uninstalling it, it managed to upgrade and Network Connections came back

Hope this helps someone

#4 m0le


Posted 06 February 2013 - 08:49 PM

Thanks for letting me know that

-----------------------------------------------

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.



